<?php
	require "db.php";
	$user = 'root';
	$pass = '';
	$dbh = new PDO('mysql:host=localhost;dbname=taxi', $user, $pass);


$photo_car = $_FILES['photo_car']['name'];
$name_car = test_input($_POST["name_car"]);

	
function test_input($data) {
		$data = trim($data);
		$data = stripslashes($data);
		$data = htmlspecialchars($data);
		return $data;
	}
	

		$sth = $dbh->prepare(
    "INSERT INTO 
                `auto`(`photo_car`, `name_car`) 
            VALUES 
                (:photo_car, :name_car)
            ");
	$sth->execute(array('photo_car' => $photo_car,
						'name_car' => $name_car));

if(move_uploaded_file($_FILES['photo_car']['tmp_name'], 'img/' . $photo_car)){
	header("Location: add_car.php");
} else{
	echo 'Файл НЕ на сервере';
}
?>